From eb805bd17cf9586a5a39c9747da4db0899091bf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristhian=20Mart=C3=ADnez=20Ochoa?= Date: Fri, 6 Jul 2018 19:40:47 -0500 Subject: [PATCH] server conf updated linux optim updated auto-server update improved --- lib/install | 45 ++++++++++++++++++++++++++++++++++++++------- lib/update | 22 +++++++++++++++++++--- 2 files changed, 57 insertions(+), 10 deletions(-) diff --git a/lib/install b/lib/install index f258b6f..60e075e 100644 --- a/lib/install +++ b/lib/install @@ -7,7 +7,7 @@ app_version() { echo $app_ver } svr_version() { - local ser_ver="1.1" + local ser_ver="1.2" echo $ser_ver } @@ -76,15 +76,49 @@ LimitNOFILE=$nginxfd" | tee -a /etc/systemd/system/nginx.service.d/nofile_limit. #echo "tmpfs /var/run/nginx-cache tmpfs size=${cacheram}M,mode=0744,uid=www-data,gid=www-data 0 0" | sudo tee -a /etc/fstab #sudo mount /var/run/nginx-cache - # Linux Optimization - https://www.linode.com/docs/web-servers/nginx/configure-nginx-for-optimized-performance sudo echo "# WebinolyStart - Don't delete fs.file-max = $newfd +fs.nr_open=12000000 +vm.min_free_kbytes=65536 net.core.somaxconn = 65536 +net.core.wmem_max=16777216 +net.core.rmem_max=16777216 +net.core.netdev_max_backlog=8192 +net.core.optmem_max=8192 +net.ipv4.ip_local_port_range=1024 65535 +net.ipv4.icmp_echo_ignore_broadcasts = 1 +net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.tcp_max_tw_buckets = 1440000 -net.ipv4.ip_local_port_range = 1024 65000 -net.ipv4.tcp_fin_timeout = 20 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_max_syn_backlog = 3240000 +net.ipv4.tcp_rmem=8192 87380 16777216 +net.ipv4.tcp_wmem=8192 65536 16777216 +net.ipv4.tcp_fin_timeout=10 +net.ipv4.tcp_keepalive_intvl=30 +net.ipv4.tcp_keepalive_probes=3 +net.ipv4.tcp_keepalive_time=240 +net.ipv4.tcp_sack=1 +net.ipv4.tcp_syn_retries=3 +net.ipv4.tcp_synack_retries = 2 +net.ipv4.tcp_tw_recycle = 0 +net.ipv4.tcp_tw_reuse = 0 +net.ipv4.tcp_slow_start_after_idle=0 +net.ipv4.tcp_rfc1337=1 +net.ipv4.tcp_challenge_ack_limit = 999999999 +net.ipv4.tcp_mtu_probing = 1 +net.ipv4.tcp_base_mss = 1024 +net.ipv4.conf.all.accept_redirects = 0 +net.ipv4.conf.all.accept_source_route = 0 +net.ipv4.conf.all.log_martians = 1 +net.ipv4.conf.all.rp_filter = 1 +net.ipv4.conf.all.secure_redirects = 0 +net.ipv4.conf.all.send_redirects = 0 +net.ipv4.conf.default.accept_redirects = 0 +net.ipv4.conf.default.accept_source_route = 0 +net.ipv4.conf.default.log_martians = 1 +net.ipv4.conf.default.rp_filter = 1 +net.ipv4.conf.default.secure_redirects = 0 +net.ipv4.conf.default.send_redirects = 0 # WebinolyEnd" | tee -a /etc/sysctl.conf # https://www.cyberciti.biz/faq/linux-increase-the-maximum-number-of-open-files/ @@ -303,9 +337,6 @@ php_optim() { local maxuploads="50" fi - # Not needed anymore! https://serverfault.com/questions/627903/is-the-php-option-cgi-fix-pathinfo-really-dangerous-with-nginx-php-fpm - #sudo sed -i '/cgi.fix_pathinfo=/c\cgi.fix_pathinfo=0' /etc/php/$ver/fpm/php.ini - sudo sed -i '/memory_limit =/c\memory_limit = 128M' /etc/php/$ver/fpm/php.ini sudo sed -i '/max_execution_time =/c\max_execution_time = 300' /etc/php/$ver/fpm/php.ini sudo sed -i '/expose_php =/c\expose_php = Off' /etc/php/$ver/fpm/php.ini diff --git a/lib/update b/lib/update index 50cfd6f..a6f346f 100644 --- a/lib/update +++ b/lib/update @@ -40,12 +40,28 @@ must-staple = True" | tee -a /etc/letsencrypt/cli.ini fi # Update nginx and php conf files - sudo webinoly -server-update + serupd=1 } -# Version numbers without point -[[ ${newver//.} -ge 11 ]] && onezero_to_oneone > /dev/null 2>&1 & +oneone_to_onetwo() { + # Forgot doing it in 1.1 update + sudo apt-get -y install zip + + # Update nginx and php conf files + serupd=1 +} + + +# Update-Server Flag +serupd=0 + +# Version numbers without point +[[ ${oldver//.} -lt 11 ]] && onezero_to_oneone > /dev/null 2>&1 & +[[ ${oldver//.} -lt 12 ]] && oneone_to_onetwo > /dev/null 2>&1 & + + +[[ $serupd == 1 ]] && sudo webinoly -server-update echo "${gre}Your server-configuration has been successfully updated!${end}"